New playbook created.
New playbook to create a new ManageEngine Service Desk Plus ticket request when a new incident is created.
This commit is contained in:
Robert Kitching
Родитель
fefa794232
Коммит
4222d55c2b
|
|
@ -0,0 +1,186 @@
|
|||
{
|
||||
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
|
||||
"contentVersion": "1.0.0.0",
|
||||
"metadata":{
|
||||
"comments": "This playbook will open a new request in ManageEngine Service Desk Plus On Demand",
|
||||
"author": "Robert Kitching"
|
||||
},
|
||||
"parameters": {
|
||||
"PlaybookName": {
|
||||
"defaultValue": "Open-ServiceDeskPlusOnDemand-Ticket",
|
||||
"type": "string"
|
||||
},
|
||||
"UserName": {
|
||||
"defaultValue": "<username>@<domain>",
|
||||
"type": "string"
|
||||
},
|
||||
"ServiceDeskPlusBaseUrl": {
|
||||
"defaultValue": "https://sdpondemand.manageengine.eu/api/json/request",
|
||||
"type": "string"
|
||||
},
|
||||
"ServiceDeskPlusAuthToken": {
|
||||
"defaultValue": "",
|
||||
"type": "string"
|
||||
},
|
||||
"ServiceDeskPlusRequester": {
|
||||
"defaultValue": "Automated Sentinel Alert",
|
||||
"type": "string"
|
||||
},
|
||||
"ServiceDeskPlusGroup": {
|
||||
"defaultValue": "",
|
||||
"type": "string"
|
||||
},
|
||||
"ServiceDeskPlusImpact": {
|
||||
"defaultValue": "Affects Business",
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"variables": {
|
||||
"AzureSentinelConnectionName": "[concat('azuresentinel-', parameters('PlaybookName'))]"
|
||||
},
|
||||
"resources": [
|
||||
{
|
||||
"type": "Microsoft.Web/connections",
|
||||
"apiVersion": "2016-06-01",
|
||||
"name": "[variables('AzureSentinelConnectionName')]",
|
||||
"location": "[resourceGroup().location]",
|
||||
"properties": {
|
||||
"displayName": "[parameters('UserName')]",
|
||||
"customParameterValues": {},
|
||||
"api": {
|
||||
"id": "[concat('/subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Web/locations/', resourceGroup().location, '/managedApis/azuresentinel')]"
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"type": "Microsoft.Logic/workflows",
|
||||
"apiVersion": "2017-07-01",
|
||||
"name": "[parameters('PlaybookName')]",
|
||||
"location": "[resourceGroup().location]",
|
||||
"properties": {
|
||||
"state": "Enabled",
|
||||
"definition": {
|
||||
"$schema": "https://schema.management.azure.com/providers/Microsoft.Logic/schemas/2016-06-01/workflowdefinition.json#",
|
||||
"contentVersion": "1.0.0.0",
|
||||
"parameters": {
|
||||
"$connections": {
|
||||
"defaultValue": {},
|
||||
"type": "Object"
|
||||
}
|
||||
},
|
||||
"triggers": {
|
||||
"When_a_response_to_an_Azure_Sentinel_alert_is_triggered": {
|
||||
"type": "ApiConnectionWebhook",
|
||||
"inputs": {
|
||||
"body": {
|
||||
"callback_url": "@{listCallbackUrl()}"
|
||||
},
|
||||
"host": {
|
||||
"connection": {
|
||||
"name": "@parameters('$connections')['azuresentinel']['connectionId']"
|
||||
}
|
||||
},
|
||||
"path": "/subscribe"
|
||||
}
|
||||
}
|
||||
},
|
||||
"actions": {
|
||||
"Alert_-_Get_incident": {
|
||||
"runAfter": {},
|
||||
"type": "ApiConnection",
|
||||
"inputs": {
|
||||
"host": {
|
||||
"connection": {
|
||||
"name": "@parameters('$connections')['azuresentinel']['connectionId']"
|
||||
}
|
||||
},
|
||||
"method": "get",
|
||||
"path": "/Cases/@{encodeURIComponent(triggerBody()?['SystemAlertId'])}/@{encodeURIComponent(triggerBody()?['WorkspaceSubscriptionId'])}/@{encodeURIComponent(triggerBody()?['WorkspaceId'])}/@{encodeURIComponent(triggerBody()?['WorkspaceResourceGroup'])}"
|
||||
}
|
||||
},
|
||||
"Create_ManageEngine_Service_Desk_Plus_Request": {
|
||||
"runAfter": {
|
||||
"Initialise_Request_Input_Data": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
"type": "Http",
|
||||
"inputs": {
|
||||
"method": "POST",
|
||||
"uri": "@{variables('serviceDeskSettings')['baseUrl']}?scope=sdpodapi&authtoken=@{variables('serviceDeskSettings')['authToken']}&OPERATION_NAME=ADD_REQUEST&INPUT_DATA=@{variables('InputData')}"
|
||||
}
|
||||
},
|
||||
"Initialize_Settings": {
|
||||
"runAfter": {
|
||||
"Alert_-_Get_incident": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
"type": "InitializeVariable",
|
||||
"inputs": {
|
||||
"variables": [
|
||||
{
|
||||
"name": "serviceDeskSettings",
|
||||
"type": "object",
|
||||
"value": {
|
||||
"authToken": "[parameters('ServiceDeskPlusAuthToken')]",
|
||||
"group": "[parameters('ServiceDeskPlusGroup')]",
|
||||
"impact": "[parameters('ServiceDeskPlusImpact')]",
|
||||
"requesterName": "[parameters('ServiceDeskPlusRequester')]",
|
||||
"baseUrl": "[parameters('ServiceDeskPlusBaseUrl')]"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"Initialise_Request_Input_Data": {
|
||||
"runAfter": {
|
||||
"Map_Severity": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
"type": "InitializeVariable",
|
||||
"inputs": {
|
||||
"variables": [
|
||||
{
|
||||
"name": "InputData",
|
||||
"type": "string",
|
||||
"value": "{\n \"operation\": {\n \"Details\": {\n \"REQUESTER\": \"@{variables('serviceDeskSettings')['requesterName']}\", \n \"SUBJECT\": \"@{body('Alert_-_Get_incident')?['properties']?['Title']}\",\n \"PRIORITY\": \"@{variables('Severity')}\",\n \"IMPACT\": \"@{variables('serviceDeskSettings')['impact']}\",\n \"URGENCY\": \"@{variables('Severity')}\",\n \"DESCRIPTION\": \"@{decodeUriComponent(replace(uriComponent(body('Alert_-_Get_incident')?['properties']?['Description']),'%0A','%3Cbr%3E'))}\",\n\t\"GROUP\": \"@{variables('serviceDeskSettings')['group']}\"\n }\n }\n}" }
|
||||
]
|
||||
}
|
||||
},
|
||||
"Map_Severity": {
|
||||
"runAfter": {
|
||||
"Initialize_Settings": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
"type": "InitializeVariable",
|
||||
"inputs": {
|
||||
"variables": [
|
||||
{
|
||||
"name": "Severity",
|
||||
"type": "string",
|
||||
"value": "@{if(equals(body('Alert_-_Get_incident')?['properties']?['Severity'],'Informational'), 'Low', body('Alert_-_Get_incident')?['properties']?['Severity'])}"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
},
|
||||
"outputs": {}
|
||||
},
|
||||
"parameters": {
|
||||
"$connections": {
|
||||
"value": {
|
||||
"azuresentinel": {
|
||||
"connectionId": "[resourceId('Microsoft.Web/connections', variables('AzureSentinelConnectionName'))]",
|
||||
"connectionName": "[variables('AzureSentinelConnectionName')]",
|
||||
"id": "[concat('/subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Web/locations/', resourceGroup().location, '/managedApis/azuresentinel')]"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
|
@ -0,0 +1,18 @@
|
|||
# Open-ServiceDeskPlusOnDemand-Ticket
|
||||
author: Robert Kitching
|
||||
|
||||
This playbook will open a new ManageEngine Service Desk Plus ticket request when a new incident is created.
|
||||
|
||||
NB. This will create a request with the required default values. You will need to generate an authtoken.
|
||||
|
||||
Please refer to https://api-sdpondemand.wiki.zoho.com/Getting-started.html for API reference.
|
||||
|
||||
Customise and adjust the request body as appropriate.
|
||||
|
||||
|
||||
<a href="https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FAzure%2FAzure-Sentinel%2Fmaster%2FPlaybooks%2FOpen-ServiceDeskPlusOnDemand-Ticket%2Fazuredeploy.json" target="_blank">
|
||||
<img src="https://aka.ms/deploytoazurebutton"/>
|
||||
</a>
|
||||
<a href="https://portal.azure.us/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FAzure%2FAzure-Sentinel%2Fmaster%2FPlaybooks%2FOpen-ServiceDeskPlusOnDemand-Ticket%2Fazuredeploy.json" target="_blank">
|
||||
<img src="https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/1-CONTRIBUTION-GUIDE/images/deploytoazuregov.png"/>
|
||||
</a>
|
||||
Загрузка…
Ссылка в новой задаче